Author Archive for
Duncan Hollis

Russia and the DNC Hack: What Future for a Duty of Non-Intervention?

by Duncan Hollis

There are lots of important issues implicated by this morning’s above-the-fold story in the New York Times that U.S. officials and certain cybersecurity experts (e.g., Crowdstrike) have concluded Russian government agencies bear responsibility for hacking the Democratic National Committee’s servers and leaking internal e-mails stored on them to Wikileaks (Russian responsibility for the hack itself was alleged more than a month ago).  The domestic fall-out is already on evidence with the resignation of Debbie Wasserman Schultz and I’m sure we’ll see other impacts here in Philadelphia at this week’s Convention (although Senator Sanders so far is not using the event to walk back his endorsement of Hillary Clinton). U.S. national security officials are treating the news as a national security and counter-intelligence issue (as they absolutely should).

But what does international law have to say about a foreign government obtaining and leaking e-mails about another country’s on-going election processes? This is obviously not a case violating Article 2(4) since that only prohibits the “threat or use of force against the territorial integrity or political independence of any state” and there’s no force at work in the current distribution of data otherwise intended to remain confidential.  But alongside the Charter’s prohibition on the use of force, customary international law has long recognized a ‘duty of non-intervention’ that applies to State behavior in cases falling short of the use of force.  The question then becomes whether the duty applies to this case and if so to what end?  For my part, I see at least three distinct sets of issues:  (i) attribution; (ii) the duty’s scope; (iii) the relevance of international law more generally to cyber security incidents like this one.

1. Attribution — Did Russia do this?  Attribution has both a factual and a legal element, both of which are at issue in the DNC case.  Factually, there’s the question of who actually perpetrated these hacks — the hacker(s) named Guccifer 2.0 claims responsibility but cybersecurity investigators suggest two separate penetrations tied to two different Russian hacker groups, “Cozy Bear” and “Fancy Bear” (international lawyers take note of how much more fun cybersecurity officials have in naming stuff than we do).  Making the factual case of who did what in hacks such as this is always difficult even as recent technological advancements have improved the ability to trace-back in certain cases. Just as importantly, however, there’s always the possibility of a ‘false flag’ where the true perpetrator goes to great lengths to make investigators think some other actor was responsible (i.e, planting evidence/code in a particular language or using coding patterns associated with a particular group of actors).  Ironically, the potential for a false flag means that a State caught red-handed can always invoke plausible deniability and suggest that they are themselves a victim as some other, unknown super-sophisticated actor is trying to frame them.  One can safely assume, for example, that Russia will make this argument in the DNC case.  Indeed, even in cases that appear clear cut like Sony Pictures, there are still those who resist FBI’s assertions of North Korean responsibility.

A second aspect of the attribution inquiry is a more legal one — namely, assuming the individual actors who perpetrated the hack can be identified, when can their actions be attributed to a State? This is not really at issue if the perpetrators are in a State’s direct employ (e.g. military officers or intelligence officials).  But what happens if the perpetrators are nonstate actors?  How much control would a State like Russia need to exercise over the DNC hack and later leak for it to bear responsibility?  That question is one that different international fora have answered differently in different contexts (the ICJ’s Nicaragua case and ICTY’s Tadic case‘s competing tests of effective versus overall control being the most famous examples).  As such, it’s difficult to say at present what relationship a State must have with nonstate hackers or hacktivists to bear responsibility for what they do.  That may not be a bad thing overall, as one can imagine how a clear line might incentive States to proliferate behavior just short of crossing the line in lieu of being chilled from acting generally if the whole area is cast as a truly grey zone.  That said, the ability to debate what international law requires in terms of the State-nonstate actor relationship complicates any application of the duty of non-intervention in individual cases.

2. Scope: What behavior violates the duty of non-intervention?  Assuming that Russia was responsible (which I should be clear at this point is just an assumption), the next question is whether its hacking and leaking of DNC data violated the duty of non-intervention?  Here again, international lawyers will encounter some uncertainty as the precise scope of the duty has never been fully resolved.  To be clear, there’s widespread consensus that a duty of non-intervention is customary international law.  The problems are more the duty’s contents.  The most famous formulation is undoubtedly that put forth by the ICJ in the Nicaragua case (para. 205), prohibiting interventions

bearing on matters in which each State is permitted, by the principle of State sovereignty, to decide freely. One of these is the choice of a political, economic, social and cultural system, and the formulation of foreign policy. Intervention is wrongful when it uses methods of coercion in regard to such choices, which must remain free ones. The element of coercion, which defines, and indeed forms the very essence of, prohibited intervention, is particularly obvious in the case of an intervention which uses force, either in the direct form of military action, or in the indirect form of support for subversive or terrorist armed activities within another State.

The ICJ’s take suggests that intervention requires methods of coercion, forcing the victim State to make different choices than it might were it free of coercive interference.  This pairs with key parts of the earlier 1970 UN General Assembly Declaration on Friendly Relations Among States:

No State or group of States has the right to intervene, directly or indirectly, for any reason whatever, in the internal or external affairs of any other State. Consequently, armed intervention and all other forms of interference or attempted threats against the personality of the State or against its political, economic and cultural elements, are in violation of international law.

No State may use or encourage the use of economic political or any other type of measures to coerce another State in order to obtain from it the subordination of the exercise of its sovereign rights and to secure from it advantages of any kind. Also, no State shall organize, assist, foment, finance, incite or tolerate subversive, terrorist or armed activities directed towards the violent overthrow of the regime of another State, or interfere in civil strife in another State.

Thus, much of the debate over the duty of non-intervention has focused on identifying which coercive measures below the use of force threshold are covered by the prohibition. But, looking at the DNC hack, there’s little evidence that Russia is trying to coerce any particular result. Indeed, it’s not even clear that the goal of the hack was to support Trump’s candidacy.  The operation could have other purposes; for example, I’ve seen suggestions that it might have been a response to Russian presumptions that the United States bears responsibility for the Panama Papers, a data breach that caused some discomfort to Putin’s administration.  Given this, might we not simply write this hack-off as a particularly visible form of espionage?  Is this case equivalent, for example, to the OPM hack?  That hack, while clearly contrary to U.S. national security interests, was not terribly susceptible to claims of an international law violation given international law’s longstanding, complicated relationship with surveillance (for more see Ashley Deek’s recent article).

I’m not so sure, however, that the duty of non-intervention can be dismissed so quickly.  For starters, the hackers did not just take the data and use it to inform their own policies or behavior. They also leaked it, and did so in a way where the timing clearly sought to maximize attention (and corresponding impacts) on the U.S. domestic political campaign process.  Perhaps we need to separate out this incident into two parts — the espionage (i.e., the hack itself) and the interference in the U.S. campaign using the fruits of that espionage.  Doing so suggests the leaking might be the problematic act under a less quoted paragraph of the 1970 U.N. General Assembly Declaration’s description of the duty of non-intervention:

Every State has an inalienable right to choose its political, economic, social and cultural systems, without interference in any form by another State.

Interference in ‘any form’ is clearly a broader formulation than coercive acts, suggesting that actions designed to impact public support for not just a particular candidate, but an entire “political” party, could implicate the duty of non-intervention here.  That said, there are others who’ve been thinking much more carefully on the question of non-intervention and cyberspace than I have.  Later this year, for example, we should be able to read the fruits of Tallinn 2.0, the much-anticipated follow-up to the Tallinn Manual and its take on international law applicable to cyberwar.  Tallinn 2.0 will offer the views of an independent group of experts on how international law regulates cyberspace outside of the use of force and jus in bello contexts, including the duty of non-intervention.  I imagine I’m not alone in wanting to know whether and how its contents will speak to the current DNC crisis.

3. Remedies:  Does International Law Really Matter Here? Talking about this case in the last 24 hours, I’ve had a couple of non-lawyer friends express skepticism over international law’s relevance to the DNC hack.  Given our age, my friends hearken back to the Cold War, suggesting that Russia can and will ignore international law with impunity here (one of the more sanguine among them, also pointed out that the United States has its own history of interfering in foreign elections, a point Jack Goldsmith made earlier today at Lawfare). And, to be sure, there’s some merit to this critique.  After all, Russia’s Security Council veto ensures the inability of that body to respond to these events in any way. And U.S. resistance to the jurisdiction of international courts and tribunals precludes any real chance that a third-party would review the case.

Still, I think it’s important to raise the international legal issues for at least three reasons.  First, and perhaps most obviously, international law does provide self-help remedies in cases of state responsibility, including retorsion (otherwise legal acts done in response to unlawful behavior) and counter-measures (behavior that would otherwise be unlawful but for the fact that it is itself in response to unlawful behavior).  Thus, if Russia was responsible for the DNC hack and that hack did violate the duty of non-intervention, it would free the United States to engage in counter-measures vis-a-vis Russia that would otherwise be unlawful.  Time and space preclude me from surveying all the various counter-measure options that the United States might have, although I’d note there’s an interesting ancillary question of whether international law might limit the U.S. from pursuing certain counter-measures — such as interfering in Russia’s own domestic political process — if doing so is analogous to humanitarian obligations, which are non-derogable (i.e., you cannot violate the human rights of another State’s nationals just because they violated your nationals’ human rights).  I’d welcome reader thoughts on such limits as well as a more open discussion of the types of counter-measures that might be legally available in this case or any collective measures that could be in play.

Second, there’s the question of what happens if international law is not invoked or applied to this case? To the extent state practice can involve acts and omissions, might silence suggest that this sort of behavior (hacking and releasing political parties’ internal communications) is perceived as lawful (or at least not internationally wrongful)?  In other words, how States react to this case will have follow-on effects on future expectations of responsible State behavior, leading to new norms of behavior in cybersecurity.  This is a topic on which I’ve been spending A LOT of time lately with a forthcoming article in the American Journal of International Law that I’ve co-authored with Martha Finnemore (we’ve not posted it yet, but interested readers should e-mail me if they’d like to see a draft).

Finally, there’s an academic reason to undertake this analysis.  In recent years, scholars have debated and emphasized ways to shrink the duty of non-intervention, under the banner of things like human rights (unseating the old assumption that international law did not care what a State did vis-a-vis its own citizens in its own territory) or humanitarian intervention (the idea that responding to a State’s failure to protect those within its borders is more important than the duty of other States to stay out of domestic jurisdiction matters).  I wonder if these arguments are relevant to the current controversy?  Have they inadvertently created space for additional exceptions or otherwise shifted the scope and reach of any duty of non-intervention?  I might be wrong to worry about any such link, but I do think the issue warrants further study.

Thus, I think this is an important case that bears close attention.  I’d like to see how the United States responds publicly, if at all, to the allegations, not to mention how other States or actors view the behavior in question.  For international lawyers, moreover, I’d hope to see further discussions of how to attribute responsibility in cyber security incidents as well as more detailed analyses of how the duty of non-intervention applies in cyberspace than we have had to date.  To that end, I’d welcome reader thoughts and comments.  What have I got wrong?  What am I missing?

 

ASIL Research Forum: Call for Papers

by Duncan Hollis

From our friends at ASIL comes word of the call for proposals for this year’s ASIL Research Forum. The deadline for proposals is July 11.  Here’s the text of the whole message:

The American Society of International Law calls for submissions of scholarly paper proposals for the ASIL Research Forum to be held at ASIL Academic Partner University of Washington School of Law in Seattle, Washington, November 11-12, 2016.

The Research Forum, a Society initiative introduced in 2011, aims to provide a setting for the presentation and focused discussion of works-in-progress from across the spectrum of international law. Please note that – in addition to academics – private practitioners, government attorneys, international organization representatives, and non-government lawyers are frequently selected to present papers based on the abstracts they submit.

Papers may be on any topic related to international, comparative, or transnational law and should be unpublished at the time of their submission (for purposes of the call, publication to an electronic database such as SSRN is not considered publication). Interdisciplinary projects, empirical studies, and jointly authored papers are welcome. Multiple submissions are welcome, but authors will only be selected to present on a single abstract, including co-authored papers.

For full instructions and to submit a proposal, visit www.asil.org/researchforum. Submissions are due by 12 noon ET on Monday, July 11, 2016.

 

President Obama Calls out the Senate on Treaties

by Duncan Hollis

Earlier today, President Obama took time out during his commencement address at the Air Force Academy to make a pointed plea for the value of treaty-making.  Here’s the relevant excerpt from his remarks:

By the way, one of the most effective ways to lead and work with others is through treaties that advance our interests.  Lately, there’s been a mindset in Congress that just about any international treaty is somehow a violation of American sovereignty, and so the Senate almost never approves treaties anymore.  They voted down a treaty to protect disabled Americans, including our veterans, while Senator and World War II veteran Bob Dole was sitting right there in the Senate chambers in a wheelchair.

We don’t always realize it, but treaties help make a lot of things in our lives possible that we take for granted — from international phone calls to mail.  Those are good things.  Those are not a threat to our sovereignty.  I think we can all agree on that.

But also from NATO to treaties controlling nuclear weapons, treaties help keep us safe.  So if we’re truly concerned about China’s actions in the South China Sea, for example, the Senate should help strengthen our case by approving the Law of the Sea Convention — as our military leaders have urged.  And by the way, these treaties are not a new thing.  The power to make treaties is written into our Constitution.  Our Founding Fathers ratified lots of treaties.  So it’s time for the Senate to do its job and help us advance American leadership, rather than undermine it.  (Applause.)

Three paragraphs is not much to fully articulate U.S. interests in treaty-making (let alone give a balanced overview of the arguments over UNCLOS).  Thus, I think the more noteworthy thing here is the fact that the remarks are coming from the President himself.  It’s one thing to call out the Senate on a specific treaty like the Disabilities Convention, but this slap is more systemic. President Obama has not had a good record when it comes to making treaties through the Article II Advice and Consent process.  With the exception of the new START treaty, the Senate has refused to act on most treaties, including certain types of treaties (e.g., tax treaties, fish treaties) that in prior Administrations were entirely uncontroversial.  Thus, we might see this speech as a late shift in strategy, where the White House is moving off treaty-specific pro’s and con’s to reconstruct this issue in constitutional terms.  I’m not too sanguine that the move will be any more successful at getting votes on pending treaties, but the Senate’s response (if any) will bear watching.

What do others think?  Is there anything I’m missing here?

[UPDATE: An astute reader points out that I was incorrect to cite fish treaties as an example of Senate hostility to treaty-making.  In fact, all four treaties that have received Senate advice and consent since 2012 involved fish; in other words, fish treaties are the only treaties that have gotten through in the last four years.  Tax treaties and treaties on scientific cooperation and conservation, which in the past were, like fish treaties, non-controversial, are better examples of the ongoing hostility to treaty-making]

Justice Scalia’s Rule of Law Efforts

by Duncan Hollis

Scalia photo

Justice Scalia’s passing comes as a shock and is generating tributes across ideological lines. Indeed, whether you agreed with his opinions or not (and I was not a fan of his thinking on cases like Sosa or Bond), Justice Scalia’s opinions deserved to be read.  Lines like “never-say-never jurisprudence” and “oh-so-close-to-relevant cases” are some of my personal favorites.  Readers should feel free to add their own in the comment section.

In the meantime, I wanted to pay tribute to a side of Justice Scalia that has garnered relatively little attention — his dedication to promoting the rule of law.  For the last sixteen years, Temple Law has run a rule of law program in Beijing hosted at Tsinghua University’s School of Law.  We offer an LLM to classes of 50 Chinese judges, prosecutors and lawyers, in an effort to acquaint them with the U.S. legal system and the rule of law more generally.  As part of the program, the Chinese students visit Philadelphia for the summer, which includes a day trip to D.C.  And nearly every year the highlight of that D.C. trip was an hour long private audience with Justice Scalia.  Justice Scalia would speak for a few minutes but most of the time was devoted to answering student questions. We conducted the sessions off the record, so I do not feel comfortable opining on who said what, but I always came away impressed by the honesty, vigor and intellectual quality of the exchange. I was universally impressed with Justice Scalia’s wit and candor.  He offered the students a true model of free speech in the U.S. legal tradition.  I don’t know if Temple’s China program was the only time he did this, or if this effort was one of many to expand the rule of law.  But I can say it was a highly effective one.  And so, as the nation mourns the passing of one of its most opinionated justices, I wanted to offer my own small tribute of appreciation to a man who, for whatever else he believed, was committed to the idea of democracy and the values of liberty and equality on which it stood.

Autonomous Legal Reasoning: Legal and Ethical Issues in the Technologies of Conflict

by Duncan Hollis

One of the highlights of my Fall semester was the opportunity to host a one-day workshop at Temple Law on how autonomous technology may impact the future of international humanitarian law (IHL) and the lawyers who practice it.  With co-sponsorship from the International Committee of the Red Cross (specifically, Rob Ramey and Tracey Begley) as well as Gary Brown of Marine Corps University, we wanted to have an inter-disciplinary conversation on the way autonomy may implicate the practice of law across a range of new technologies, including cyberwar, drones, and the potential for fully autonomous lethal weapons.  Although these technologies share common characteristics — most notably their ability (and sometimes their need) to operate in the absence of direct human control — discursive silos have emerged where these technologies tend to be discussed in isolation.

Our workshop sought to bridge this divide by including experts on all three technologies from an array of disciplinary backgrounds, including IHL, political science, and ethics (see here for a list of participants).  Fortunately, the day itself lived up to the hype, with a detailed agenda that prompted a wide-ranging set of conversations on the nature of the technology, the ethical issues, as well as IHL’s current regulations and its likely future evolution.  Subject to the Chatham House Rule, the ICRC has published summaries of these conversations on their blog, Intercross.

In addition to those blog posts, the Temple International and Comparative Law Journal will publish a series of short (and often provocative) think-pieces written for the workshop.  My own contribution, Setting the Stage: Autonomous Legal Reasoning in International Humanitarian Law is now available on SSRN.  Here’s the abstract:

This short essay seeks to reorient — and broaden — the existing discourse on international humanitarian law (IHL) and autonomous weapons. Written for a conference co-sponsored by the International Committee of the Red Cross, it employs a contextual analysis to pose new questions (and reformulate others) regarding the relationship between IHL and autonomous weapon systems. It asks six questions: (1) Who should IHL regulate in this context? Does IHL only regulate States and individuals, or can it provide rules for autonomous weapon systems themselves? (2) What types of autonomous technology should IHL regulate? Should the current focus on kinetic weapons expand to encompass cyber operations? (3) Where should this discourse occur? How do the trade-offs involved in locating legal discourse in a particular forum impact the elaboration of IHL vis-à-vis autonomous systems? (4) When should IHL regulate autonomous weapons? Should IHL ban autonomous weapons now or allow its regulation to emerge incrementally over time? Can IHL only apply when an autonomous system’s operations constitute an attack, or should IHL’s application reach more broadly? (5) How should IHL regulate autonomous weapon systems? Are prohibitions better or worse than prescriptive authorities? Should IHL regulate via rules, standards, or principles? Finally, (6) why should IHL regulate autonomous weapons? How can IHL best prioritize among its foundations in military necessity, humanitarian values, and the practical reality that the development of such systems now appears inevitable. In asking these questions, my essay offers a critical lens for gauging the current scope (and state) of international legal discourse on this topic. In doing so, it sets the stage for new lines of inquiry that States and other stakeholders will need to address to fully understand the perils — and potential — of increasing autonomy in technology for IHL and the international lawyers who practice it.

Fans of Thomas Aquinas may be particularly interested in this piece since I ask these questions using the same analytical frame Aquinas deployed to delineate those circumstances that define human acts.  Otherwise, interested readers should keep an eye out for the Symposium volume itself, which should be out sometime later this Spring or early this coming Summer.

 

Keeping up with the UN’s On-Line Lectures on International Law

by Duncan Hollis

We wanted to pass along a quick update from our friends at the UN Office of Legal Affairs who continue to build out an on-line international law research portal that can hopefully have lasting impact:

The Codification Division of the UN Office of Legal Affairs recently added new lectures to the UN Audiovisual Library of International Law website, which provides high quality international law training and research materials to an unlimited number of recipients around the world free of charge.

The latest lectures were given by Sir Michael Wood on “International Law and the Use of Force: What Happens in Practice?”, Professor Djamchid Momtaz on “La sécession en droit international” and by Professor August Reinisch on “The Evolution of WTO Dispute Settlement”.

Remembering Professor Burns Weston

by Duncan Hollis

Professor Burns Weston passed away on October 28, 2015.  His daughter, Rebecca Weston, wrote the following obituary, which she passed on to us to circulate among the international law community.  I never had the privilege of meeting Professor Weston, but was a regular user of his textbooks (on both international law and international environmental law).  I know I speak for all of us here at Opinio Juris when we offer our condolences to Rebecca, her family, Burns’ former students, as well as all his friends and colleagues.

Burns H. Weston, Bessie Dutton Murray Distinguished Professor of Law Emeritus at the University of Iowa and founder and senior scholar of the University of Iowa Center for Human Rights (UICHR) died on October 28, 2015, just a few days before his 82nd birthday.  After surviving numerous intense challenges to his health, Weston’s death was unexpected and sudden.  To the end, he was excited about upcoming birthday celebrations with his wife and visits to his children over Thanksgiving; he was steadily writing and developing new projects.

Weston was fond of quoting EB White, who said:  “If the world were merely seductive, that would be easy.  If it were merely challenging, that would be no problem.  But I arise in the morning torn between a desire to improve the world and a desire to enjoy the world.  This makes it hard to plan my day.”

In his own life, Weston also felt the pull of these choices every day – including in his first pivotal career decision to discontinue a promising career as a pianist or conductor to focus on the then relatively new field of international law.

As loved ones, friends and colleagues from around the world witnessed, Weston had a limitless capacity to enjoy so much about this world – and an equally tenacious drive to improve it.

After receiving his J.D. from Yale Law School, Weston began his legal career in 1961 with the distinguished New York City law firm of Paul, Weiss, Rifkand, Wharton & Garrison.  Wanting to teach, he subsequently joined The University of Iowa College of Law, where he remained for the rest of his professional life.  He devoted himself to the cause of international law, human rights and environmental sustainability.

As his close friend and colleague, Richard Falk said, Weston was one of “the most talented and dedicated international law scholar[s] of his generation.”  Weston authored over 28 books, innumerable articles, and was on the editorial board of over 10 professional journals, including the American Journal of International Law.  Among others, he published in the Harvard International Law Journal, Human Rights Quarterly, and the Journal of Human Rights and the Environment.

Over the years, Weston participated in fact finding missions, lectured, wrote and taught about some of the most pressing issues facing our planet: nuclear weapons and disarmament, child labor, human rights and in the latter part of his life, environmental survival.  And in doing this work, Weston was often bold and inventive.  As close collaborator David Bollier wrote, he was an “irresistible disruption” – a force of such optimism, conviction and potential – that he emboldened and challenged those around him.

At the University of Iowa, Weston inspired generations of law students and “put Iowa Law on the map” of international law and international human rights. He developed a path-breaking, problem-oriented approach to teaching international law and wrote the award-winning textbook, International Law and World Order: A Problem-Oriented Coursebook.   Always broad and expansive in his thinking, Weston also founded and directed an interdisciplinary, university-wide Center for World Order Studies (later known as the University’s “Global Studies Program”) in the 1970s.

At the same time, Weston was a dedicated teacher who paid close attention to and nurtured his students.  As one student wrote, he “will always be the internationally-renowned scholar, writer, and teacher who was also generous enough to write two e-mails to a very desperate law student when she needed it most.  And there’s not a lot of those out there.”

Prior to the end of the Cold War and the collapse of the Soviet Union, Weston took part in a human rights fact-finding mission to Havana Cuba in 1984, a protective conflict-mitigation mission in 1985 to accompany former political dissident (and later president) Kim Dae Jung upon his return to Korea following involuntary exile in the United States; and in 1987, a human rights fact-finding mission in the Israeli-Occupied Territories of the West Bank and Gaza.

Later, Weston (usually with his wife Dr. Marta Cullberg Weston), organized and/or participated in a number of human rights fact-finding and conflict-mitigation missions in the former Yugoslavia, Central Asia, and beyond.

In the latter part of his career, Weston founded the University of Iowa Center for Human Rights (UIHCR) and turned his scholarly attention to issues of the environment.  He immersed himself in the politics and the social dynamics of ecological crisis and climate change.  In 2012, Weston authored the International Environmental Law and World Order: A Problem-Oriented Casebook. 

Subsequently, in 2013, Weston co-authored a ground-breaking book titled Green Governance: Ecological Survivial, Human Rights, and the Law of the Commons.   As co-author David Bollier has written about their collaboration on the Commons Law Project, Weston “attacked these questions with the enthusiasm of a first-year law student and the sagacity of a gray eminence. […] He wasn’t afraid if they might require social and political struggle.”

At the time of his death, he was in the final stages of completing the 4th edition of Human Rights in the World Community: Issues and Action, with co-author, Anna Grear.

In his non-academic, non-activist life, Weston embraced the world “with all five senses.”  Above all, he was passionate about and constantly immersed in classical music:  friends and family can easily recall moments when Weston’s attention drifted into a musical score; they remember often urging him to lower the volume just enough to hear themselves talk in the car or over a dinner table conversation.

He also loved art, taking drives and going to movies.  He had a strong sense of aesthetics and a gifted ability to create beautiful spaces. In no place were Weston’s senses more alive or more soothed then in his beloved Adirondack Mountains.  Until the end, Weston was a devoted spouse, father and grandfather: he was consistently and steadily available, curious about and eager to support and connect with his children and grandchildren.

Weston is survived by his wife, Marta Cullberg-Weston (Sweden) and his two children, Timothy Bergmann Weston (Boulder) and Rebecca Burns Weston (Montana), four grandchildren (Leah and Emma Yonemoto-Weston, Elijah and Isabella Weston-Capulong) and three stepchildren, Malin Cullberg, Johannes Cullberg, and Martin Cullberg and five step grand-children John Birger Wedinger, Olivia Lampenius Cullberg, Sima Wiernik Cullberg, Joar Wiernik Cullberg, and Cecilia Lampenius Cullberg.

A memorial service in honor of Weston will be held at the University of Iowa College of Law on December 5, 2015, from 2:00 p.m. – 5:00 p.m.  Donations in Weston’s honor will be accepted at the Iowa Law School Foundation for the benefit of the University of Iowa Center for Human Rights, 130 Byington Road, Iowa City, Iowa 52242

ASIL’s Research Forum

by Duncan Hollis

I wanted to flag for interested readers the upcoming ASIL Research Forum in Washington, D.C., on October 23-24, 2015  I’ve been to a couple of the previous iterations and can attest that it’s a great way to catch up on some new scholarship and to hear a mix of new and old voices in the field.  This year’s event looks to continue that tradition.  Here’s how ASIL’s Executive Director Mark Agrast pitches the event:

This year’s Forum offers an exceptionally rich and diverse program, including expert-led discussions of 70 innovative papers, a luncheon program featuring remarks by former ICJ Judge and ASIL Honorary President Tom Buergenthal; and a ticketed dinner discussion of “Dispute Settlement with Iran: From the Hostage Crisis to the Nuclear Accord” with key negotiators from the U.S. Department of State.

The Forum will also include events specifically designed for students and new professionals. Our “International Law Career Panel and Speed Mentoring Event” will feature practitioners from a variety of international law fields and a networking reception, and two leading law librarians will lead a session on “International Law Research Strategies.”

This will be an outstanding opportunity for lawyers interested in the latest developments in international law to connect with thought leaders in their areas of interest.

If interested, you can see the full program and submit your registration here.  I’ll be commenting on a few treaty papers on Saturday, so feel free to say hello if you see me there.

.

Book Symposium: Cyber War – A Duty to Hack and the Boundaries of Analogical Reasoning

by Duncan Hollis

Back in 2012, I was pleased to receive an invitation to a conference that Jens, Kevin Govern, and Claire Finkelstein were hosting on the law and ethics of cyberwar.  It was a great conversation; so great, in fact, that Jens and his colleagues were inspired to use it as the launching pad for this volume — Cyberwar: Law and Ethics for Virtual Conflicts.  They asked me to write a chapter on an idea I’d had been thinking about since my first foray into the cyber arena back in 2007 — whether and when IHL (international humanitarian law, or the law of armed conflict for those of you trained in the United States) might involve a duty to hack?  The basic idea was straightforward — if a cyber-operation could achieve a military objective (say disabling a power grid or a war-supporting factory’s operations) without killing anyone or causing any lasting damage to the facility, shouldn’t IHL require States to employ it in lieu of kinetic operations that might cause civilian casualties or property damage?

Looking at the law today, the answer to this question is (largely) a negative one. Certainly, IHL contains a requirement for States to take precautionary measures (see Additional Protocol I, Art. 57) such as (i) choosing a means and method of warfare that minimizes ‘incidental loss of civilian life, injury to civilians, and damage to civilian objects’ and (ii) selecting military objectives ‘expected to cause the least danger to civilian lives and to civilian objects’ in cases where ‘a choice is possible between several military objectives for obtaining a similar military advantage.’  And these requirements could require a cyber-operation over a kinetic one in specific cases akin to the arguments for using available precision weaponry.  But, there’s nothing in IHL that has ever said States have to use a particular type of weapon first, as my duty to hack might suggest.

More importantly, some cyber-operations might not even fall within IHL’s current ambit.  Although there’s continuing debate, the majority view is that IHL’s principles of precaution, discrimination, and proportionality only apply in cases of an “attack.”  IHL does not prohibit targeting or even harming civilians or civilian objects in a cyber-operation so long as the effects are not analogous to those previously crossing the attack threshold (i.e., those with violent consequences involving injury, death, destruction or damage). The scope of IHL’s precautions are similarly qualified; where a cyber operation does not qualify as an attack (i.e., it doesn’t physically damage anything), it does not need to be among the range of options military planners are required to consider in deciding what and how to attack.  IHL thus appears to authorize attacks – kinetic or otherwise – that cause physical damage and loss or injury of human life so long as they compare favorably to potential losses from other types of ‘attacks’ even if the same objective could be achieved without any attack at all.  That result may be incongruous with the humanity values that motivate much of IHL, but it represents the law as it stands today.

My chapter, therefore, undertakes a normative argument for a Duty to Hack, recognizing that the idea is clearly lex ferenda.  I argue that IHL should require states to use cyber-operations in their military operations when they are expected to be the least harmful means available for achieving military objectives. This duty departs from the current law in two key respects.  First, it would remove the “attack” threshold for precautionary measures since the novel and wide-ranging capacities of cyber-operations unsettle the idea that only attacks can achieve military objectives.  A cyber-operation may be able to achieve a military objective (e.g., shutting down a factory for some desired period of time) without causing any physical harm.  Rather than leave such cyber-operations outside the requirements of precaution because they do not meet the definition of an ‘attack’, a Duty to Hack would require that they be part of any choice in means, methods and objectives.  A cyber-operation that can achieve a particular military objective without an attack should be required in lieu of any ‘attack’ on that same objective by other means or methods, whether cyber, kinetic, or non-kinetic in nature.  In other words, so long as the military objective is achievable (and nothing in my idea would require hacking if it can’t achieve lawful military objectives), the Duty to Hack requires employing cyber-operations generating no physical harm over those means and methods of warfare that, by definition, must generate some physical harm (similarly, it would prioritize cases involving some harm in comparison to means and methods that would generate more harm).

Second, the Duty to Hack would addresses all forms of physical harm from cyber-operations, not just those of a civilian character. Existing IHL – distinction, proportionality, and precautions – only require efforts to avoid, limit, or minimize civilian harm. Absent the harmful civilian impacts protected by these and other IHL rules, militaries are free to employ destructive and lethal force against military objects and belligerents.  This approach furthers military necessity – complete submission of the enemy as soon as possible – and made sense where military objectives were usually military in character and dual-use objects qualified as military objects only on occasion. But, as is well known, information communication technologies are regularly dual-use (that is, they are used by both civilian and military actors).  I question whether this default treatment of dual-use objects as military objects should continue where all these cyber-related dual-use objects may be attacked (and damaged or destroyed) without regard to any questions of distinction, proportionality or precautions vis-à-vis the objects themselves.  Of course, one solution would be to require more careful segregation of military objects in cases where they are situated within or among civilian objects. My Duty to Hack, however, takes a different, and simpler, approach.  It would require using cyber-operations that cause the least harm to achieve a military objective in military operations. For example, assuming disruption of Iran’s nuclear processing plant was a lawful military objective, the prospect of deploying Stuxnet to achieve that objective would take priority over doing so by an airstrike if that airstrike – even a precise one – would foreseeably involve greater risks of injury, death, damage or destruction than spinning centrifuges out of control periodically.

Ultimately, my Duty to Hack idea is designed to preserve the principles of distinction and proportionality; IHL would continue to prohibit direct attacks on civilians and their objects by cyber-operations or otherwise, just as any military operation that does constitute an attack must not generate excessive civilian harm.  Nor would my Duty to Hack override the requirement to comply with the principles of discrimination and avoidance of unnecessary suffering when it comes to developing or deploying cyber-operations.

My chapter offers a longer examination of the Duty to Hack concept than space permits here (including a discussion of how it differs from the “duty to capture” concept that has caused much controversy in IHL circles).  I explore the trade offs involved in adopting it (including the potential for it to incentivize greater military cyber surveillance to solidify the reliability of various cyber capabilities).  In doing this analysis, however, I was struck by the larger challenges of using analogies to carve out the existing lines of IHL in cyberspace (not to mention the contours of any new lines that I propose). As a result, I ended up framing my chapter around a larger, introductory analysis of the role of boundaries in legal discourse over cyberspace.

Readers may be familiar with debates over whether cyberspace is subject to physical, territorial boundaries, most notable in on-going debates about which governance models best serve cyberspace (the traditional sovereign territorial model, a multistakeholder model where cyberspace is a res communis, or some sort of hybrid approach).  But, I notice similar sorts of conceptual boundary disputes in questions over what rules of international law apply in cyberspace, with much of the existing analyses resting on analogies to pre-existing regulatory regimes.  I find this “law-by-analogy” approach problematic, particularly when it comes to IHL and rules on the use of force. My chapter explains the problems such line-drawing poses in terms of their (i) accuracy, (ii) effectiveness and (iii) completeness.  Law-by-analogy works well where analogies hold (i.e., defining a use of force in cyberspace where the effects of a cyber operation analogize to the effects of prior activities treated as uses of force in the past; or, defining a non-use of force where the effects analogize to activities not treated as uses of force in the past).  But analogies break down where the technology includes previously-unseen capacities, which have no prior analogues.  In such cases, default presumptions may simply regard the behavoir as automatically prohibited or permitted in ways that create tensions with the law’s underlying nature and purpose.  For example, I find it problematic that cyber-operations do not qualify as attacks simply because they do not involve violent consequence even if they can achieve the very same military objective as an attack.  My Duty to Hack idea serves as a response to such difficulties by thinking more carefully about the rules for cyber operations and the values they serve when there are no analogues to earlier operations defined as attacks.

In the end, I had two overarching goals for this chapter.  First, I wanted to highlight the role of boundaries in governing cyberspace, and problematize the reasoning it generates as a result, particularly when done under the heading of law-by-analogy.  Second, I offer a critique of how existing boundaries operate with respect to contrasting cyber operations with other forms of attack, leading me to call for IHL to include a Duty to Hack.  Although such a duty would not come without costs, I believe it would more accurately and effectively account for IHL’s fundamental principles and cyberspace’s unique attributes than existing efforts to foist legal boundaries upon State cyber-operations by analogy. It could, moreover, offer a necessary first step to resolving the larger theoretical and functional challenges currently associated with law’s boundaries in cyberspace.

Interested in more?  You could always buy the book.

So What Are Your Top 5 Worst Treaties Ever?

by Duncan Hollis

Benjamin Soloway at Foreign Policy magazine thrilled me last week when he called to set up an interview for this story on the worst treaties ever.  Simply put, I love treaties and I love lists.  After all, a few years back I started a discussion on the most important treaties ever.  But, having given a lot of thought to my top 5, I was surprised to have never done a list of my bottom five.  So, I spent an entire day before talking to Ben, pestering my family (who do not necessarily share my enthusiasm for all things treaty-related) with various candidates based on different ways of defining “worst” (worst treaty for humanity? the parties? one party in particular? for third parties? for the agreement’s stated goals?).  In the end, I’m glad to see all the treaties that I mentioned got onto his list. Some, sadly, didn’t make the cut –I’d wanted the Universal Rubber Agreement included because it’s a rare example of a treaty that so failed to perform its intended functions (stabilizing rubber as a commodity) that the parties went through the trouble of terminating it in lieu of just letting it fall into desuetude.

Interested readers should definitely read Ben’s article.  But I thought I’d open the comments section here to allow Opinio Juris readers to sound off on whether they agree with his list, or to offer their own suggestions.  What treaties would you add (or delete) if we’re talking about the worst treaties of all time?

The Latest American Digest on International Law is now Available

by Duncan Hollis

Just a quick note to flag that the Digest of United States Practice in International Law 2014 is now available. You can access it here.  And here’s the accompanying press release from the U.S. State Department:

The Department of State is pleased to announce the release of the 2014 Digest of United States Practice in International Law, covering developments during calendar year 2014. The Digest provides the public with a record of the views and practice of the Government of the United States in public and private international law. The official edition of the 2014 Digest is available exclusively on the State Department’s website at: www.state.gov/s/l/c8183.htm. Past Digests covering 1989 through 2013 are also available on the State Department’s website. The Digest is edited by the Office of the Legal Adviser.

The Digest traces its history back to an 1877 treatise by John Cadwalader, which was followed by multi-volume encyclopedias covering selected areas of international law. The Digest later came to be known to many as “Whiteman’s” after Marjorie Whiteman, the editor from 1963-1971. Beginning in 1973, the Office of the Legal Adviser published the Digest on an annual basis, changing its focus to documentation current to the year. Although publication was temporarily suspended after 1988, the office resumed publication in 2000 and has since produced volumes covering 1989 through 2013.

Make ASIL 2016 Great! Submit a Proposal

by Duncan Hollis

I am a huge fan of ASIL’s Annual Meeting for a whole host of reasons.  I like to see old friends, make new acquaintances, and spend inordinate amounts of time talking in the hallways.  The book sales on Saturday morning is a highlight of my year (no comment on what that may say about my life).  But what really holds the event together is it’s programming.  And while some of that programming comes from the Programming Committee leadership, many (if not most) of the panels have their origins in good ideas from members like you and me.  So, with that in mind, I thought I’d pass along the following item that I just received from Tillar House:

The Annual Meeting Committee of the American Society for International Law (ASIL) is currently accepting proposal submissions for its 110th Annual Meeting, held March 30 – April 2, 2016, in Washington, DC. This year’s meeting will be held under the theme “Charting New Frontiers in International Law.”
The Committee will prioritize session proposals that involve non-traditional formats, such as interviews, Q&A roundtables, lectures, poster sessions, or the use of multimedia or interactive audience participation features. In addition, the Committee is committed to expanding diversity in the issues and voices represented at the Annual Meeting, and is excited to present a track specifically focused on professional and academic development.

Submissions are due Monday, July 20th, 2015, and the Committee will notify proposers regarding the status of their submission via email in the fall of 2015. For instructions, more information on the Annual Meeting, and to submit a proposal, please visit http://asil.org/annualmeeting

I’m excited to see the call for new presentation formats and new voices.  So, please, if you have an interesting idea, please send it along to ASIL!  The Annual Meeting will be all the better for it.